Our clien is hiring an SAP Security Architect Location: Montreal or Greater Toronto Area Workplace Type: Hybrid – Onsite 4 days/week mandatory Salary: $117,560 to $154,300
*Salary offers will vary commensurate with experience, education, skills, and training
Overview of the role:
Our client is seeking a Security Architect – SAP & Non SAP Platforms who will be responsible for designing, governing, and continuously improving security architectures across SAP landscapes and non SAP enterprise applications. This role ensures that security controls are embedded by design, aligned with business needs, regulatory requirements, and industry best practices, while supporting digital transformation initiatives such as SAP S/4HANA, cloud adoption, and system integrations.
Security Architect is responsible for defining, designing, and governing enterprise Identity & Access Management architecture across on premises, cloud, and SaaS platforms. This role ensures that identity services enable the business securely, at scale, and in compliance with regulatory and audit requirements
The architect acts as a trusted advisor to IT, business, and risk stakeholders, balancing security, usability, and operational efficiency. Qualifications:
Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
8+ years of experience in application security, security architecture, or enterprise IT security.
5+ years of hands on experience with SAP security architecture.
5+ years in IAM architecture, design, or senior engineering roles.
Strong expertise in: SAP security (roles/authorizations, S/4HANA, Fiori, GRC), Identity & Access Management (IAM), Application security principles and SDLC, Cloud and hybrid architectures
Solid understanding of: Network, OS, and database security concepts, Secure integration patterns (REST, APIs, middleware), Logging, monitoring, and incident response integration, Deep expertise in IAM, including: Identity lifecycle management, Access governance, Federation & SSO, PAM
Strong knowledge of: Active Directory, Entra ID / Azure AD, Cloud IAM concepts, Authentication protocols (SAML, OAuth, OIDC), Familiarity with IAM platforms (e.g., Saviynt, CyberArk, BeyondTrust, Okta, Azure IAM).
Strong analytical and problem-solving skills.
Ability to explain complex security concepts to technical and non-technical audiences.
Experience influencing without authority in matrix organizations.
Excellent documentation and communication skills.
Strong architectural and analytical thinking
Ability to balance security, usability, and automation
Leadership without authority and agility to influence
